Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-22280

Summary
Assigner-ABB
Assigner Org ID-2b718523-d88f-4f37-9bbd-300c20644bf9
Published At-14 May, 2024 | 19:36
Updated At-03 Aug, 2024 | 18:37
Rejected At-
Credits

DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ABB
Assigner Org ID:2b718523-d88f-4f37-9bbd-300c20644bf9
Published At:14 May, 2024 | 19:36
Updated At:03 Aug, 2024 | 18:37
Rejected At:
▼CVE Numbering Authority (CNA)
DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.

Affected Products
Vendor
B&R Industrial Automation GmbHB&R Industrial Automation
Product
Automation Studio
Default Status
unaffected
Versions
Affected
  • From 0 before 4.12 (custom)
Problem Types
TypeCWE IDDescription
N/AN/ADLL Hijacking Vulnerability in Automation Studio
Type: N/A
CWE ID: N/A
Description: DLL Hijacking Vulnerability in Automation Studio
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
N/A
Hyperlink: https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
B&R Industrial Automation GmbHbr-automation
Product
automation_studio
CPEs
  • cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 4.0 before 4.12 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
x_transferred
Hyperlink: https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cybersecurity@ch.abb.com
Published At:14 May, 2024 | 20:15
Updated At:19 Dec, 2025 | 14:48

Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.2HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
CPE Matches
B&R Industrial Automation GmbH
br-automation
>>automation_studio>>Versions from 4.0(inclusive) to 4.12(exclusive)
cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-427Primarynvd@nist.gov
CWE-20Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-427
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdfcybersecurity@ch.abb.com
Vendor Advisory
https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdfaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
Source: cybersecurity@ch.abb.com
Resource:
Vendor Advisory
Hyperlink: https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2024-2637
Matching Score-10
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-10
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-7.2||HIGH
EPSS-0.04% / 13.33%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 18:49
Updated-24 Apr, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Loading of Code in B&R Products

An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4, B&R Industrial Automation APROL, B&R Industrial Automation CAN Driver, B&R Industrial Automation CAN Driver CC770, B&R Industrial Automation CAN Driver SJA1000, B&R Industrial Automation Tou0ch Lock, B&R Industrial Automation B&R Single-Touch Driver, B&R Industrial Automation Serial User Mode Touch Driver, B&R Industrial Automation Windows Settings Changer (LTSC), B&R Industrial Automation Windows Settings Changer (2019 LTSC), B&R Industrial Automation Windows 10 Recovery Solution, B&R Industrial Automation ADI driver universal, B&R Industrial Automation ADI Development Kit, B&R Industrial Automation ADI .NET SDK, B&R Industrial Automation SRAM driver, B&R Industrial Automation HMI Service Center, B&R Industrial Automation HMI Service Center Maintenance, B&R Industrial Automation Windows 10 IoT Enterprise 2019 LTSC, B&R Industrial Automation KCF Editor could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path..This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2; APROL: before 4.4-01; CAN Driver: before 1.1.0; CAN Driver CC770: before 3.3.0; CAN Driver SJA1000: before 1.3.0; Tou0ch Lock: before 2.1.0; B&R Single-Touch Driver: before 2.0.0; Serial User Mode Touch Driver: before 1.7.1; Windows Settings Changer (LTSC): before 3.2.0; Windows Settings Changer (2019 LTSC): before 2.2.0; Windows 10 Recovery Solution: before 3.2.0; ADI driver universal: before 3.2.0; ADI Development Kit: before 5.5.0; ADI .NET SDK: before 4.1.0; SRAM driver: before 1.2.0; HMI Service Center: before 3.1.0; HMI Service Center Maintenance: before 2.1.0; Windows 10 IoT Enterprise 2019 LTSC: through 1.1; KCF Editor: before 1.1.0.

Action-Not Available
Vendor-B&R Industrial Automation GmbH
Product-CAN Driver SJA1000APROLKCF Editormapp VisionScene ViewerAutomation RuntimeADI .NET SDKHMI Service CenterSRAM driverCAN Driver CC770Tou0ch Lockmapp CockpitHMI Service Center MaintenanceCAN DriverSerial User Mode Touch Drivermapp SafetyADI driver universalWindows 10 Recovery SolutionWindows Settings Changer (LTSC)ADI Development KitVC4B&R Single-Touch DriverWindows Settings Changer (2019 LTSC)Windows 10 IoT Enterprise 2019 LTSCmapp Viewscene_viewermapp_visionautomation_runtimemapp_cockpitvc4mapp_view
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24682
Matching Score-8
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-8
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.90%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 07:11
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Automation Studio and PVI Multiple unquoted service path vulnerabilities

Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4.

Action-Not Available
Vendor-B&R Industrial Automation GmbHMicrosoft Corporation
Product-windowsautomation_net\/pviautomation_studioNET/PVIAutomation Studio
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-22289
Matching Score-6
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-6
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-8.3||HIGH
EPSS-0.71% / 72.14%
||
7 Day CHG~0.00%
Published-11 Aug, 2022 | 14:56
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RCE through Project Upload from Target

Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.

Action-Not Available
Vendor-B&R Industrial Automation GmbH
Product-studioAutomation Studio
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29012
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-0.10% / 26.62%
||
7 Day CHG~0.00%
Published-25 Apr, 2023 | 20:44
Updated-03 Feb, 2025 | 18:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Git CMD erroneously executes `doskey.exe` in the current directory, if it exists

Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed `doskey.exe` would be executed silently upon running Git CMD. The problem has been patched in Git for Windows v2.40.1. As a workaround, avoid using Git CMD or, if using Git CMD, avoid starting it in an untrusted directory.

Action-Not Available
Vendor-git_for_windows_projectgit-for-windows
Product-git_for_windowsgit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-40746
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.19% / 40.57%
||
7 Day CHG~0.00%
Published-21 Nov, 2022 | 17:53
Updated-24 Apr, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-i_access_client_solutionswindowsi
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-22095
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.10% / 26.64%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-20 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-UEFI firmware for some Intel(R) Server D50DNP Family productsserver_system_d50tnp2mhsvac_firmware
CWE ID-CWE-20
Improper Input Validation
Details not found